#!/bin/sh #ident "@(#)dsnmp_genconf 1.24 11/12/99 SMI" # # # Copyright 11/12/99 Sun Microsystems, Inc. All Rights Reserved # # # $1 = install Script is called by pkgadd # $2 = remove Script is called by pkgrm # $3 = configure Script is called by the administrator # # The following vars are declared in pkginfo or in request # PKG package abbreviation # Exit codes for installation scripts e_ok=0 e_fatal=1 # stop installation on this exit e_warning=2 # Installation will go on. e_int=3 # Interrupted. Stop installation ###################################################################### # UTILITIES ###################################################################### AWK=/bin/awk CAT=/bin/cat ECHO=/bin/echo EXPR=/bin/expr GREP=/bin/grep EGREP=/bin/egrep HEAD=/bin/head RM=/bin/rm SED=/bin/sed TAIL=/bin/tail WC=/bin/wc CP=/bin/cp MV=/bin/mv LN=/bin/ln CHMOD=/bin/chmod SORT=/bin/sort SLEEP=/bin/sleep TOUCH=/bin/touch ###################################################################### # VARIABLES ###################################################################### PKG=ldap MYDIR=`dirname $0` EXECSPATH="`(cd $MYDIR ; pwd)`" PATH="$PATH:/sbin:/bin:/usr/bin:/opt/SUNWconn/sbin:/opt/SUNWconn/ldap/sbin:$EXECSPATH" BASEDIR=/opt/SUNWconn/$PKG SNMPD_RC=/etc/init.d/init.snmpd SNMPSLAPD_CONF=/etc/opt/SUNWconn/ldap/current/dsnmpserv.conf SNMPSLAPD_BOOTS=/etc/opt/SUNWconn/ldap/current/dsnmpserv.boots SNMPSLAPD_LOG=/var/opt/SUNWconn/ldap/log/dsnmpserv.log SNMPSLAPD_RC=/etc/init.d/init.dsnmpserv TMP_SNMPSLAPD_CONF=/tmp/`basename $0`.dsnmpserv_conf.$$ SNMPRADIUS_CONF=/etc/opt/SUNWconn/ldap/current/dsnmprad.conf SNMPRADIUS_BOOTS=/etc/opt/SUNWconn/ldap/current/dsnmprad.boots SNMPRADIUS_LOG=/var/opt/SUNWconn/ldap/log/dsnmprad.log SNMPRADIUS_RC=/opt/SUNWconn/ldap/sbin/init.dsnmprad TMP_SNMPRADIUS_CONF=/tmp/`basename $0`.dsnmprad_conf.$$ ###################################################################### # FUNCTIONS ###################################################################### bad_usage () { $ECHO "Usage: $0 { install | configure | remove }" exit $e_fatal } ###################################################################### snmpradius_write_conf () { $CAT < $SNMPRADIUS_CONF # # The configuration file of the Sun Directory SNMP agent # that monitors: # - radius authentication server # - radius accounting server # ################## # access control # ################## # The list of community names needed for read/write access # to the entire MIB. # # example: # -------- # # communities = { # public read-only # private read-write # } # # If the list is empty, the only valid community name is "public" # and its access type is read-only communities = { } # The list of hosts that can send SNMP queries. # If this list is empty, all the hosts are allowed to # send SNMP queries. # The hosts have to be blank separated or coma separated. # # example: # -------- # managers = { # host1, host2 # } # # IP addresses are also allowed. # # WARNING! # -------- # If you use the SNMP Relay, leave this list empty. # The SNMP Relay will substitute the IP address of the host # who sent the request by the IP address of the local host. # managers = { } ################### # trap parameters # ################### # The community name used in traps. trap-community = SNMP-trap # The list of hosts where traps should be sent. # The hosts have to be blank separated or coma separated. # # example: # -------- # trap-recipients = { # host3, host4 # } # # IP addresses are also allowed. trap-recipients = { $SNMP_TRAP_RECIPIENTS } TOTO } ###################################################################### snmpradius_read_conf () { $AWK "BEGIN { copy = 0; found = 0 } /#/ { next } /trap-recipients/ { found = 1 } /{/ { if(found == 1) { copy = 1; next } } /}/ { if (copy == 1) exit } { if(copy == 1) print }" < $SNMPRADIUS_CONF > $TMP_SNMPRADIUS_CONF DEFAULT_SNMP_TRAP_RECIPIENTS=`$CAT $TMP_SNMPRADIUS_CONF` $RM $TMP_SNMPRADIUS_CONF } ###################################################################### ASK_CORRECT="Is this correct" DEFAULT_SNMP_TRAP_RECIPIENTS="" # # echo $1, $2 contains default # askyesno_default () { while true do echo "$1 (y/n) [$2]: \c" read ans if [ "$ans" = "" ] then ans=$2 fi case $ans in "Y"|"y") return 1;; "N"|"n") return 0;; *) echo "\tInvalid Input: $ans";; esac done } return_1 () { return 1 } # # Echo $1 and get string ($2) # get_string () { echo "$1: \c" read $2 } # # Check if $1 is a valid host list # check_hosts_list () { PROBLEM=0 EMPTY=0 SNMP_TRAP_RECIPIENTS=`echo $1 | sed "s/,/ /g"` for i in $SNMP_TRAP_RECIPIENTS do EMPTY=1 val=`echo $i | grep "[_a-zA-Z-]"` if [ "$val" = "" ] then echo "ERROR: $i is not a valid hostname" PROBLEM=1 else /usr/sbin/arp $i 2>&1 | grep unknown >/dev/null if [ $? -eq 0 ] then echo "WARNING: $i is not a valid hostname" PROBLEM=1 else echo "$i ok" fi fi done if [ $EMPTY -eq 0 ] then echo "WARNING: the list is empty" PROBLEM=1 fi # if [ $PROBLEM -eq 1 ] # then echo "" # fi return $PROBLEM } askall () { echo "" echo "Alarms generated by the RADIUS Server" echo "will be forwarded as SNMP traps to a list of hosts." echo "The SNMP agents will also send SNMP traps to these" echo "hosts when it detects abnormal situations." echo "" echo "Update this list of hosts according to your network" echo "configuration. Add only hosts that are running network" echo "management software." echo "(hostnames must be separated by blank spaces or commas)" echo "" ASK_SNMP_TRAP_RECIPIENTS="List of hosts that SNMP traps will be sent to [$DEFAULT_SNMP_TRAP_RECIPIENTS]" get_string "$ASK_SNMP_TRAP_RECIPIENTS" SNMP_TRAP_RECIPIENTS if [ "$SNMP_TRAP_RECIPIENTS" = "" ] then SNMP_TRAP_RECIPIENTS=$DEFAULT_SNMP_TRAP_RECIPIENTS fi } askradius () { ASK_SNMP_TRAP_RECIPIENTS="List of hosts that SNMP traps will be sent to [$DEFAULT_SNMP_TRAP_RECIPIENTS]" get_string "$ASK_SNMP_TRAP_RECIPIENTS" SNMP_TRAP_RECIPIENTS if [ "$SNMP_TRAP_RECIPIENTS" = "" ] then SNMP_TRAP_RECIPIENTS=$DEFAULT_SNMP_TRAP_RECIPIENTS fi } ###################################################################### # BEGINING OF THE SHELL SCRIPT ###################################################################### case "$1" in ################### ##### INSTALL ##### ################### 'install') ##### Check if dsnmprad.conf already exists ##### if [ -f $SNMPRADIUS_CONF ] then $ECHO "File $SNMPRADIUS_CONF already exists" else ##### Create dsnmprad.conf ##### $ECHO "Creating $SNMPRADIUS_CONF ..." snmpradius_write_conf ##### Create dsnmprad.boots ##### $ECHO "Creating $SNMPRADIUS_BOOTS ..." $TOUCH $SNMPRADIUS_BOOTS fi ##### Start dsnmpserv ##### if [ -f /etc/init.d/init.snmpdx ] then /etc/init.d/init.snmpdx stop if /etc/init.d/init.snmpdx start then : else exit $e_fatal fi else if $SNMPRADIUS_RC start then : else exit $e_fatal fi fi ;; ################## ##### REMOVE ##### ################## 'remove') ##### Kill dsnmpserv ##### $SNMPRADIUS_RC stop ##### Kill dsnmprad ##### pidradius=`ps -fe | grep dsnmprad | grep -v grep|awk '{print $2}'` if [ -n "$pidradius" ] then echo "Stopping Radius SNMP Agent" kill -TERM $pidradius fi sleep 2 pidradius2=`ps -fe | grep dsnmprad | grep -v grep|awk '{print $2}'` if [ -n "$pidradius2" ] then if [ -n "$pidradius" ] then kill -9 $pidradius fi fi ##### Remove dsnmprad.conf ##### if [ -f $SNMPRADIUS_CONF ] then $ECHO "Removing $SNMPRADIUS_CONF ..." $RM $SNMPRADIUS_CONF fi ##### Remove dsnmprad.boots ##### if [ -f $SNMPRADIUS_BOOTS ] then $ECHO "Removing $SNMPRADIUS_BOOTS ..." $RM $SNMPRADIUS_BOOTS fi if [ -f $SNMPRADIUS_LOG ] then $ECHO "Removing $SNMPRADIUS_LOG ..." $RM $SNMPRADIUS_LOG fi if [ -f $SNMPRADIUS_LOG.old ] then $ECHO "Removing $SNMPRADIUS_LOG.old ..." $RM $SNMPRADIUS_LOG.old fi ;; ##################### ##### CONFIGURE ##### ##################### 'configure') echo "" echo "Configuration of RADIUS snmp agent" echo "" if [ -f $SNMPRADIUS_CONF ] then : else echo "$SNMPRADIUS_CONF does not exist" exit $e_fatal fi ALLDONE=0 snmpradius_read_conf while [ $ALLDONE -eq 0 ] do askradius echo "" check_hosts_list "$SNMP_TRAP_RECIPIENTS" if [ $? -eq 0 ] then askyesno_default "$ASK_CORRECT" y else askyesno_default "$ASK_CORRECT" n fi ALLDONE=$? done snmpradius_write_conf echo "" ##### (Re-)Start dsnmpserv ##### if [ -f /etc/init.d/init.snmpdx ] then $SNMPRADIUS_RC stop /etc/init.d/init.snmpdx stop if /etc/init.d/init.snmpdx start then : else exit $e_fatal fi else if $SNMPRADIUS_RC start then : else exit $e_fatal fi fi ;; *) bad_usage ;; esac exit $e_ok